Read as
Why this module exists. Data masking, tokenisation, and pseudonymisation are the techniques that let sensitive data serve operational purposes (analytics, testing, customer support) without exposing the underlying values. Each has different properties and use cases. This module covers the techniques and where each fits.
Why this module exists. “Use real production data in development” is the line that produces audit findings and breaches. The alternatives — masking, tokenisation, pseudonymisation, synthetic data — each have tradeoffs. This module is the practitioner reference.
The four techniques compared
| Technique | Reversible? | Use cases |
|---|---|---|
| Static masking | No | Test / dev datasets; analytical exports |
| Dynamic masking | No (per session) | Customer support; limited-access query views |
| Tokenisation | Yes (via token vault) | Payment processing; reversible data replacement |
| Pseudonymisation | Yes (with key) | Research, analytics with re-identification capability |
DPDP Act in your stack?
Get a DPDP gap assessment
Free 30-minute call. We map your data flows against DPDP §8 obligations and tell you exactly which gaps to fix first. Auditor-defensible output.
Book DPDP scoping call
Replies in 4 working hrs · India-only · Senior consultants